I have a tele-consultation and hospital-management solution that runs as a Flutter mobile application and a complementary web portal. Before we take the platform into wider production, I want a thorough, end-to-end penetration test that leaves no blind spots Scope • Test BOTH the Flutter app (Android / iOS builds) and the web application, including all APIs that connect them. Hosted on AWS. • Cover the complete stack—network perimeter, in-app logic, and database layer—so network, application, and data-store risks are all addressed. • Simulate real-world attack paths that a threat actor could attempt, from initial reconnaissance through privilege escalation and data extraction. What I expect to receive • A detailed report that ranks every finding by criticality, explains reproduction steps, and recommends concrete fixes. • Screenshots or videos that clearly prove each exploit. • An executive summary I can hand to management. • A follow-up retest (after we patch) to confirm vulnerabilities have been closed. The apps are already containerised and running in a staging environment; access credentials and any required architecture diagrams will be shared once we agree on the engagement timeline. If specialised tooling is required—Burp Suite, OWASP ZAP, Metasploit, MobSF, or custom scripts—feel free to use what you are most comfortable with as long as everything is documented in the final deliverables. Let me know your projected schedule and any prerequisites you need from my side so we can get started right away.